<script  language = "php">
require("dbinfo.inc.php");
session_start();

// Connect to server and select databse.
mysql_connect("$host", "$dbusername", "$dbpassword")or die("connection to host is denied");
mysql_select_db("$database")or die("cannot select DB");

// Define $userlogin and $userpassword
$userlogin=$_POST['userlogin'];
$userpassword=$_POST['userpassword'];

$userlogin = stripslashes($userlogin);//remove forward and backslashes
$userpassword = stripslashes($userpassword);//remove forward and backslashes injection protection
$userlogin= mysql_real_escape_string($userlogin);
$userpassword = mysql_real_escape_string($userpassword);

$passwordresult=mysql_query("SELECT * FROM $userTable WHERE username='$userlogin' and password='$userpassword'");

$teamQuery = mysql_query("SELECT team FROM $userTable WHERE username='$userlogin' and password='$userpassword'");
$row=mysql_fetch_array($teamQuery);
$team=$row['team'];

// Mysql_num_row is counting table row
$count=mysql_num_rows($passwordresult);
// If result matched $userlogin and $userpassword, table row must be 1 row

if($count==1)
{
	$_SESSION['team']=$team;
	$_SESSION['userlogin']=$userlogin;
	header("Location:Homepage.php");
}
else 
{	
	echo "<body>Incorrect Username or Password</body>";
}

</script>
